Monday, October 15, 2012

Cybercriminals Continue to Target Skype Users with Fake Voicemail Notices

SkypeApparently Skype users are a favorite target for cybercriminals.

There have already been reports of an evil IM campaign infecting machines with the Dorkbot worm, and sightings of fake Skype password change notification emails, but apparently cybercrooks weren’t willing to stop there.

Just to make sure they catch as many Skype users off-guard as possible, spammers have begun sending out bogus Skype voicemail notices too.

At first glance, the emails will appear authentic – spoofed headers, Skype logo, pretty blue text, and no obvious grammar mistakes.

Unlike the Skype password spam, which used a malicious file attachment as its attack method, the fraudulent Skype voicemail messages use tainted links that will take the user to a third-party website rigged with drive-by-downloads.
Subject: You have a new voicemail
From: Skype (noreply@alerts.skype.com)

This is an automated email, please don’t reply.

Hi there,

You have a new voicemail

Sign in to Skype to listen to the message.

If you no longer want to receive email alerts about new voicemails, unsubscribe now.

Talk soon,
The people at Skype

Therefore, if you happen to receive an email claiming that you have a new Skype voicemail, we strongly urge you to take a moment to mouseover email links to make sure they actually point to Skype domain before clicking on them. Otherwise, you could be headed right into a cyber-trap!

[via GFI ]

No comments:

Post a Comment